ISPs leave themselves open to 'enemy within'

Up to 12 percent of all scanning attacks targeting broadband service
providers networks are launched internally, from their own subscribers,
newly published research has claimed.

According to the study conducted by security firm Sandvine, the majority of these internal attackers are zombie PCs - whose owners are completely unaware that their computers are infected and scanning IP addresses, sending requests to useable port numbers, and transferring worm or Trojan code when a vulnerable host is found.

The report, which is based on data gleaned from over 100 globally-dispersed ISP deployments collectively supporting 20 million subscribers, goes on to claim that most ISPs mistakenly believe that all attacks come from external attackers, and that broadband security only consists of policing the borders between external and internal networks.

"If the enemy is already loose within the gates, it doesn't matter how high the walls are," said Dave Caputo, president and CEO of Sandvine, pointing out that strong network-edge defences can only form part of the solution to protecting networks and subscribers.

"Broadband service providers must not only prevent malicious agents from entering their network from the outside, but also cleanse the unsuspecting attackers on the inside."

Caputo argues that, with the increase in more evasive, destructive
attacks, broadband providers can no longer rely on signature-based
detection to mitigate attacks. He advocates using a combined approach that also includes behavioral detection and in-depth network traffic monitoring as the only way of stopping zero-day attacks and cleansing the network both from incoming and outgoing attacks.

Techscape is SC Media’s content marketing platform. Industry experts share their views in the following categories

Partner Content is sponsored content brought to you by a vendor

SC Media arms cybersecurity professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.